CVE-2025-61863

An out-of-bounds read vulnerability exists in VS6ComFile!CSaveData::deletemem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end ABEND, and arbitrary code execution...

CVE-2024-8868

A vulnerability was found in code-projects Crud Operation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file savedata.php. The manipulation of the argument sname leads to sql injection. The attack may be initiated remotely. The exploit has been...

PT-2024-39286 · Unknown · Code-Projects Crud Operation System

Name of the Vulnerable Software and Affected Versions: code-projects Crud Operation System version 1.0 Description: A critical issue affects some unknown processing of the file savedata.php. The manipulation of the argument sname leads to sql injection. The attack may be initiated remotely. The...

PT-2024-27125 · Unknown +1 · Prestashop +1

Name of the Vulnerable Software and Affected Versions: PrestaShop module "Isotope" pk isotope versions =1.7.3 Description: The issue allows attackers to obtain sensitive information and cause other impacts via the pk isotope::saveData and pk isotope::removeData methods. Recommendations: For...

Feather Login Page < 1.1.6 - Cross-Site Request Forgery via saveData()

Description The Feather Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.5. This is due to missing or incorrect nonce validation on the saveData function. This makes it possible for unauthenticated attackers to update the plugin's...

Micro Focus Secure Messaging Gateway Command Injection (CVE-2020-11852)

A command injection vulnerability exists in Micro Focus Secure Messaging Gateway. The vulnerability is due to improper validation of SaveData parameter within managedomainssavedata.json.php...

CVE-2018-15846

An issue was discovered in fledrCMS through 2014-02-03. There is a CSRF vulnerability that can change the administrator's password via index.php?p=done&savedata=1...

Design/Logic Flaw

The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument...

CVE-2011-5291

The CVE-2011-5291 entry concerns Ashampoo 3D CAD Professional (3.x) before 3.0.2, where the SaveData method of the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx allows a remote attacker to write arbitrary files by supplying a pathname as the first argument. The vulnerability is rooted in...

CVE-2011-5291

The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument...

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution

Oracle Hyperion Financial Management TList6 - ActiveX Control Remote Code Execution Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url:...

Oracle Hyperion Financial Management Code Execution

Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url: http://www.oracle.com/technetwork/middleware/epm/downloads/index.html files tested: SystemInstaller-11121-win32.zi...

Oracle Hyperion Financial Management TList6 ActiveX Control Code Exec

Exploit for windows platform in category remote exploits Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability tested against: Internet Explorer 8 Microsoft Windows Server 2003 r2 sp2 download url:...

Ashampoo 3D CAD ActiveX unsafe method

Unsafe SaveData method allows to create files...

CygniCon CyViewer - ActiveX Control &#039;SaveData()&#039; Insecure Method

source: https://www.securityfocus.com/bid/48483/info CygniCon CyViewer ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to create or overwrite files within the context of the affected application typically Internet...

CygniCon CyViewer - ActiveX Control SaveData() Insecure Method

CygniCon CyViewer - ActiveX Control SaveData Insecure Method source: https://www.securityfocus.com/bid/48483/info CygniCon CyViewer ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to create or overwrite files within...